Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/BfNoWO61usPgxOhKqJiAlbUSrX0.roa
File: BfNoWO61usPgxOhKqJiAlbUSrX0.roa (raw, json)
Hash identifier: 0y6W6YT7stkDyI16q/A5SGMn5/cd6K9wQIIAf9cKCH8=
Subject key identifier: 05:F3:68:58:EE:B5:BA:C3:E0:C4:E8:4A:A8:98:80:95:B5:12:AD:7D
Certificate issuer: /CN=5a4a47d582bb0e9680f89258ab96d05867d352ef
Certificate serial: 0181D82EB50E58682DEFD84EBB33ED218744
Authority key identifier: 5A:4A:47:D5:82:BB:0E:96:80:F8:92:58:AB:96:D0:58:67:D3:52:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkpH1YK7DpaA-JJYq5bQWGfTUu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/BfNoWO61usPgxOhKqJiAlbUSrX0.roa
Signing time: Thu 07 Jul 2022 10:22:28 +0000
ROA not before: Thu 07 Jul 2022 10:22:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61137
IP address blocks: 91.229.65.0/24 maxlen: 24
185.76.128.0/22 maxlen: 22
185.76.130.0/24 maxlen: 24
185.76.131.0/24 maxlen: 24
5.53.96.0/22 maxlen: 22
5.53.100.0/24 maxlen: 24
109.205.28.0/23 maxlen: 23
91.229.64.0/24 maxlen: 24
91.229.64.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d8:2e:b5:0e:58:68:2d:ef:d8:4e:bb:33:ed:21:87:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a4a47d582bb0e9680f89258ab96d05867d352ef
Validity
Not Before: Jul 7 10:22:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05f36858eeb5bac3e0c4e84aa8988095b512ad7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2d:5e:89:b0:b4:c4:13:71:02:02:a7:e8:f7:
39:14:fb:c1:f7:d7:c7:60:7a:0b:1e:8a:72:41:d1:
2b:9b:17:46:38:c1:da:9a:74:76:ef:d7:af:6c:cb:
5c:a5:8c:0a:0e:1e:45:51:d0:b3:27:f5:81:5b:dc:
bd:6a:16:54:ff:9a:c9:1c:f3:b7:ed:7b:2d:1d:a3:
9a:47:94:7c:ea:f3:df:bd:6b:eb:1c:1e:39:d9:43:
65:b8:50:7e:4e:2c:3d:a3:45:d6:e3:92:9d:05:c5:
3d:74:a3:92:90:1b:bb:98:29:1a:be:a5:69:2f:b6:
a7:7a:66:09:6c:e5:fc:fd:c7:f3:ff:0e:db:2a:71:
99:50:c5:16:18:57:62:9d:c2:b5:21:01:91:b8:69:
99:5b:51:65:30:d3:b8:3b:49:33:06:8b:19:a2:c8:
b5:99:39:b8:b4:f5:60:e6:68:8b:fb:80:b0:e0:78:
2e:e4:66:28:c5:e9:ae:50:a1:c9:ee:50:02:6d:d6:
75:a0:be:fc:8d:0b:f7:41:f7:97:da:d7:b9:71:82:
69:db:06:a5:84:a9:70:dc:a5:6d:2c:b7:5e:d6:9a:
0a:00:68:2e:60:9e:d4:13:92:d1:8c:19:fd:24:37:
02:12:0c:13:5c:8a:3e:ed:d8:76:2b:9e:80:e3:ca:
83:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:F3:68:58:EE:B5:BA:C3:E0:C4:E8:4A:A8:98:80:95:B5:12:AD:7D
X509v3 Authority Key Identifier:
keyid:5A:4A:47:D5:82:BB:0E:96:80:F8:92:58:AB:96:D0:58:67:D3:52:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkpH1YK7DpaA-JJYq5bQWGfTUu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/BfNoWO61usPgxOhKqJiAlbUSrX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/WkpH1YK7DpaA-JJYq5bQWGfTUu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.53.96.0-5.53.100.255
91.229.64.0/23
109.205.28.0/23
185.76.128.0/22
Signature Algorithm: sha256WithRSAEncryption
25:c8:c7:9d:5e:cd:72:84:79:cf:e5:e2:82:97:ee:4c:5f:92:
c8:6a:42:f7:77:07:48:4f:02:97:0c:f9:c6:f4:be:59:6a:8e:
c3:ef:53:a5:67:c5:90:82:70:7d:20:3f:5d:aa:ac:1b:6f:2d:
a2:32:ed:69:b4:6a:36:f1:9b:b9:f9:68:76:a8:d0:d4:9f:c3:
49:36:5d:29:65:66:ba:73:d7:99:4d:e7:cc:44:23:ab:4f:d6:
81:9b:a9:5b:6c:a1:2b:84:59:d2:c0:93:f6:2f:73:86:a7:24:
c7:fc:72:b2:e1:6d:b0:2b:02:36:1c:a3:1f:c0:f3:44:eb:a5:
f1:52:50:8d:dc:a9:e8:8d:5c:2b:d8:60:d8:16:63:78:1c:b2:
72:c9:24:72:bb:fa:95:f2:fc:56:de:c1:e7:1f:04:13:bb:0a:
ce:54:3d:8c:be:0b:b3:ae:65:91:1b:89:16:aa:f3:51:30:05:
d4:09:43:78:7d:cd:53:b7:42:d5:3e:b9:df:9f:6d:56:dc:01:
7e:f4:32:c6:48:b7:a7:39:43:89:6f:ff:2a:6f:49:98:a0:03:
0f:df:4c:4c:ab:8a:51:cf:82:3d:f6:ae:66:5c:0e:e3:29:01:
52:e1:0c:ce:96:f2:4c:b7:fa:fa:e8:1c:c1:8a:c2:27:77:7b:
94:82:4f:fd
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYHYLrUOWGgt79hOuzPtIYdEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNGE0N2Q1ODJiYjBlOTY4MGY4OTI1OGFiOTZkMDU4Njdk
MzUyZWYwHhcNMjIwNzA3MTAyMjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWYzNjg1OGVlYjViYWMzZTBjNGU4NGFhODk4ODA5NWI1MTJhZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqy1eibC0xBNxAgKn6Pc5FPvB99fH
YHoLHopyQdErmxdGOMHamnR279evbMtcpYwKDh5FUdCzJ/WBW9y9ahZU/5rJHPO3
7XstHaOaR5R86vPfvWvrHB452UNluFB+Tiw9o0XW45KdBcU9dKOSkBu7mCkavqVp
L7anemYJbOX8/cfz/w7bKnGZUMUWGFdincK1IQGRuGmZW1FlMNO4O0kzBosZosi1
mTm4tPVg5miL+4Cw4Hgu5GYoxemuUKHJ7lACbdZ1oL78jQv3QfeX2te5cYJp2wal
hKlw3KVtLLde1poKAGguYJ7UE5LRjBn9JDcCEgwTXIo+7dh2K56A48qDXwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAXzaFjutbrD4MToSqiYgJW1Eq19MB8GA1UdIwQY
MBaAFFpKR9WCuw6WgPiSWKuW0Fhn01LvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2twSDFZSzdEcGFBLUpKWXE1YlFXR2ZUVXU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS80Yjc1NzYtMmI5Yy00M2FmLTg4MTct
NmIwMDY1NTA4OTk2LzEvQmZOb1dPNjF1c1BneE9oS3FKaUFsYlVTclgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS80Yjc1NzYtMmI5Yy00M2FmLTg4MTctNmIwMDY1NTA4OTk2
LzEvV2twSDFZSzdEcGFBLUpKWXE1YlFXR2ZUVXU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAUFNWAD
BAAFNWQDBAFb5UADBAFtzRwDBAK5TIAwDQYJKoZIhvcNAQELBQADggEBACXIx51e
zXKEec/l4oKX7kxfkshqQvd3B0hPApcM+cb0vllqjsPvU6VnxZCCcH0gP12qrBtv
LaIy7Wm0ajbxm7n5aHao0NSfw0k2XSllZrpz15lN58xEI6tP1oGbqVtsoSuEWdLA
k/Yvc4anJMf8crLhbbArAjYcox/A80TrpfFSUI3cqeiNXCvYYNgWY3gcsnLJJHK7
+pXy/FbewecfBBO7Cs5UPYy+C7OuZZEbiRaq81EwBdQJQ3h9zVO3QtU+ud+fbVbc
AX70MsZIt6c5Q4lv/ypvSZigAw/fTEyrilHPgj32rmZcDuMpAVLhDM6W8ky3+vro
HMGKwid3e5SCT/0=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:32:48 2025 by rpki-client